IBM X-Force Malware Analysis on Cloud - Workbench

Frequently asked questions

Get answers to the most commonly asked questions about this product.

Getting started with this product

How do I get access to results of the analysis?

You can view the results of your file analysis by logging onto the IBM X-Force Exchange platform. Select the hamburger menu in the upper left-hand corner, then select malware analysis, then select view uploads.

What do the results of the analysis include?

The results will include information such as; a threat score indicating the confidence, the name of the malware variants associated with the file, and any URLs or IP addresses of command and control servers that may be associated with the file.

How long does the analysis take to run?

File analysis can take anywhere between 30 seconds and 15 minutes depending on the size and complexity of the file and system load.

What happens to the files I submit for analysis after I get the results?

The files that you submit for analysis are destroyed after the analysis is completed.

Pricing

How is this offering priced?

The Workbench offering is priced per user for 2,000 manual downloads per month.

Security

How does this offering protect private data contained in the file?

Your files are protected by encryption when they traverse the network and also when they are at rest on the system doing the analysis. When analysis is complete your file is destroyed.

Other common questions

What is the difference between the Workbench and XGS offerings for IBM X-Force Malware Analysis on Cloud?

The Workbench offering allows clients to manually submit files for malware analysis in IBM X-Force Exchange. The XGS offering allows clients to configure their IBM QRadar Network Security XGS appliance to automatically collect files on their network and send them for malware analysis.

How is this offering different from the existing malware search results on X-Force Exchange?

The existing system reports on hashes that can find known malware, and return a basic report. The new Malware offering can find known and unknown malware; it executes your file in an environment that emulates a target operating system, and looks at the behavior to determine if it's malicious or not.